Semaphore/db_lib/AnsiblePlaybook.go

package db_lib

import (
	"fmt"
	"os"
	"os/exec"
	"strings"

	"github.com/ansible-semaphore/semaphore/db"
	"github.com/ansible-semaphore/semaphore/pkg/task_logger"
	"github.com/ansible-semaphore/semaphore/util"
	"github.com/creack/pty"
)

type AnsiblePlaybook struct {
	TemplateID int
	Repository db.Repository
	Logger     task_logger.Logger
}

func (p AnsiblePlaybook) makeCmd(command string, args []string, environmentVars *[]string) *exec.Cmd {
	cmd := exec.Command(command, args...) //nolint: gas
	cmd.Dir = p.GetFullPath()

	cmd.Env = os.Environ()
	cmd.Env = append(cmd.Env, fmt.Sprintf("HOME=%s", util.Config.TmpPath))
	cmd.Env = append(cmd.Env, fmt.Sprintf("PWD=%s", cmd.Dir))
	cmd.Env = append(cmd.Env, "PYTHONUNBUFFERED=1")
	cmd.Env = append(cmd.Env, "ANSIBLE_FORCE_COLOR=True")

	// TODO: Following option doesn't work when password authentication used.
	// 		 So, we need to check args for --ask-pass, --ask-become-pass or remove this code completely.
	//       What reason to use this code: prevent hanging of semaphore when host key confirmation required.
	//cmd.Env = append(cmd.Env, "ANSIBLE_SSH_ARGS=\"-o BatchMode=yes\"")

	if environmentVars != nil {
		cmd.Env = append(cmd.Env, *environmentVars...)
	}

	// Remove sensitive env variables from cmd process
	for _, env := range getSensitiveEnvs() {
		cmd.Env = append(cmd.Env, env+"=")
	}

	return cmd
}

func (p AnsiblePlaybook) runCmd(command string, args []string) error {
	cmd := p.makeCmd(command, args, nil)
	p.Logger.LogCmd(cmd)
	return cmd.Run()
}

func (p AnsiblePlaybook) RunPlaybook(args []string, environmentVars *[]string, inputs map[string]string, cb func(*os.Process)) error {
	cmd := p.makeCmd("ansible-playbook", args, environmentVars)
	p.Logger.LogCmd(cmd)

	ptmx, err := pty.Start(cmd)

	if err != nil {
		panic(err)
	}

	go func() {

		b := make([]byte, 100)

		var e error

		for {
			var n int
			n, e = ptmx.Read(b)
			if e != nil {
				break
			}

			s := strings.TrimSpace(string(b[0:n]))

			for k, v := range inputs {
				if strings.HasPrefix(s, k) {
					_, _ = ptmx.WriteString(v + "\n")
				}
			}
		}

	}()

	defer func() { _ = ptmx.Close() }()
	cb(cmd.Process)
	return cmd.Wait()
}

func (p AnsiblePlaybook) RunGalaxy(args []string) error {
	return p.runCmd("ansible-galaxy", args)
}

func (p AnsiblePlaybook) GetFullPath() (path string) {
	path = p.Repository.GetFullPath(p.TemplateID)
	return
}
refactor: create package db_lib 2023-09-23 17:12:35 +02:00			`package db_lib`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00
			`import (`
			`"fmt"`
			`"os"`
			`"os/exec"`
			`"strings"`
feat: move task logger into dedicated package 2024-04-12 12:32:54 +02:00
			`"github.com/ansible-semaphore/semaphore/db"`
			`"github.com/ansible-semaphore/semaphore/pkg/task_logger"`
			`"github.com/ansible-semaphore/semaphore/util"`
			`"github.com/creack/pty"`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`)`

			`type AnsiblePlaybook struct {`
refactor(be): move some functionality to GitRepository and AnsiblePlaybook classes 2022-02-06 16:35:58 +01:00			`TemplateID int`
			`Repository db.Repository`
feat: move task logger into dedicated package 2024-04-12 12:32:54 +02:00			`Logger task_logger.Logger`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`}`

Add back ENV variable support 2022-06-14 12:58:52 +02:00			`func (p AnsiblePlaybook) makeCmd(command string, args []string, environmentVars []string) exec.Cmd {`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`cmd := exec.Command(command, args...) //nolint: gas`
			`cmd.Dir = p.GetFullPath()`
fix(be): bug with panic https://github.com/ansible-semaphore/semaphore/issues/855 2022-02-05 18:34:34 +01:00
			`cmd.Env = os.Environ()`
			`cmd.Env = append(cmd.Env, fmt.Sprintf("HOME=%s", util.Config.TmpPath))`
			`cmd.Env = append(cmd.Env, fmt.Sprintf("PWD=%s", cmd.Dir))`
colored output 2022-03-13 16:11:29 +01:00			`cmd.Env = append(cmd.Env, "PYTHONUNBUFFERED=1")`
			`cmd.Env = append(cmd.Env, "ANSIBLE_FORCE_COLOR=True")`
docs(be): add comment 2024-06-19 20:10:23 +02:00
			`// TODO: Following option doesn't work when password authentication used.`
			`// So, we need to check args for --ask-pass, --ask-become-pass or remove this code completely.`
			`// What reason to use this code: prevent hanging of semaphore when host key confirmation required.`
fix(be): disable BatchMode for ansible playbook to fix issue https://github.com/semaphoreui/semaphore/issues/2098 2024-06-19 09:59:42 +02:00			`//cmd.Env = append(cmd.Env, "ANSIBLE_SSH_ARGS=\"-o BatchMode=yes\"")`
feat(ui): use list for env vars 2024-06-01 21:25:40 +02:00
Add back ENV variable support 2022-06-14 12:58:52 +02:00			`if environmentVars != nil {`
			`cmd.Env = append(cmd.Env, *environmentVars...)`
			`}`
fix(be): bug with panic https://github.com/ansible-semaphore/semaphore/issues/855 2022-02-05 18:34:34 +01:00
feat(be): use env vars for db options 2023-01-27 19:54:46 +01:00			`// Remove sensitive env variables from cmd process`
refactor(be): move consts to func 2024-05-21 13:39:51 +02:00			`for _, env := range getSensitiveEnvs() {`
feat(be): use env vars for db options 2023-01-27 19:54:46 +01:00			`cmd.Env = append(cmd.Env, env+"=")`
			`}`

refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`return cmd`
			`}`

			`func (p AnsiblePlaybook) runCmd(command string, args []string) error {`
Add back ENV variable support 2022-06-14 12:58:52 +02:00			`cmd := p.makeCmd(command, args, nil)`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`p.Logger.LogCmd(cmd)`
			`return cmd.Run()`
			`}`

Use Stdin to pass secrets to ansible-playbook (#1911) * feat: pass secrets via stdin * feat: use pty * feat(pty): logs * feat(secrets): works * fix(secrets): use correct ask flag of ansible playbook * test(secrets): change tests 2024-04-05 14:36:04 +02:00			`func (p AnsiblePlaybook) RunPlaybook(args []string, environmentVars []string, inputs map[string]string, cb func(os.Process)) error {`
Add back ENV variable support 2022-06-14 12:58:52 +02:00			`cmd := p.makeCmd("ansible-playbook", args, environmentVars)`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`p.Logger.LogCmd(cmd)`
Use Stdin to pass secrets to ansible-playbook (#1911) * feat: pass secrets via stdin * feat: use pty * feat(pty): logs * feat(secrets): works * fix(secrets): use correct ask flag of ansible playbook * test(secrets): change tests 2024-04-05 14:36:04 +02:00
			`ptmx, err := pty.Start(cmd)`

refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`if err != nil {`
Use Stdin to pass secrets to ansible-playbook (#1911) * feat: pass secrets via stdin * feat: use pty * feat(pty): logs * feat(secrets): works * fix(secrets): use correct ask flag of ansible playbook * test(secrets): change tests 2024-04-05 14:36:04 +02:00			`panic(err)`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`}`
Use Stdin to pass secrets to ansible-playbook (#1911) * feat: pass secrets via stdin * feat: use pty * feat(pty): logs * feat(secrets): works * fix(secrets): use correct ask flag of ansible playbook * test(secrets): change tests 2024-04-05 14:36:04 +02:00
			`go func() {`

			`b := make([]byte, 100)`

			`var e error`

			`for {`
			`var n int`
			`n, e = ptmx.Read(b)`
			`if e != nil {`
			`break`
			`}`

			`s := strings.TrimSpace(string(b[0:n]))`

			`for k, v := range inputs {`
			`if strings.HasPrefix(s, k) {`
			`_, _ = ptmx.WriteString(v + "\n")`
			`}`
			`}`
			`}`

			`}()`

			`defer func() { _ = ptmx.Close() }()`
refactor(be): move some functionality to GitRepository and AnsiblePlaybook classes 2022-02-06 16:35:58 +01:00			`cb(cmd.Process)`
			`return cmd.Wait()`
refactor(be): extract Ansible to separate class 2022-01-30 14:04:09 +01:00			`}`

			`func (p AnsiblePlaybook) RunGalaxy(args []string) error {`
			`return p.runCmd("ansible-galaxy", args)`
			`}`

			`func (p AnsiblePlaybook) GetFullPath() (path string) {`
			`path = p.Repository.GetFullPath(p.TemplateID)`
			`return`
			`}`